Version 2.1 has reimplemented some of its networking. Bridging a virtual machine can now be done entirely from the graphical user interface.

NAT over PPPoE

Some ISPs check the value of the TTL field of the IP packets coming from your computer. TTL is a number associated with every IP packet that is decremented at every hop encountered on it's way. When the TTL gets to zero, the IP packet gets discarded.

Using this information, some ISPs decided to limit the number of computers connected on a network by discarding packets with that originate from the host and have a TTL different from what they expect (64, 128, etc.) and to change the TTL of all packets destined to the host to 1. This way, if there's another computer X behind the one that is connected A, its TTL will be decremented by the A when sending it on the internet. The ISP will detect that an unexpected TTL was received (63, 127, etc.) and will drop the packet. Similarly, when the ISP must forward a packet to the host A, it sets the TTL to 1. This way if the packet was really destined to X, A will decrement the TTL, will see that it's zero and will drop it before sending it to the computer.

The same things apply when X is a virtual machine running on the host A.

To enable the internet connection on Virtualbox virtual machines in such conditions you need to alter the TTL:

increment the TTL of packets as soon as they come in on the interface ppp0 (the default internet connection, this may buteth0, eth1, wlan0, etc.)

sudo iptables -t mangle -A PREROUTING -i ppp0 -j TTL --ttl-inc 1

alter the packets as they are about to get out

sudo iptables -t mangle -A POSTROUTING -j TTL --ttl-set 64

Host Networking

Connecting a virtual machine through NAT will allow the guest to connect to systems on the network (including the host or some website). A machine on the network will not be able to initiate a connection to the guest though.

But typically, one might want to connect from the host to the guest (as is the case when the guest runs a web server or an ssh server). For this use case, bridging can be used (one must be aware that bridging will make a virtual machine visible to the network so it must be secured beforehand)

Host Networking with VirtualBox 2.1 and later versions

Open the settings of the virtual machine. Go to the network section. Pick "Bridge network" in the list of "Attach to" options. Choose the network interface you want to bridge with. Most of the time, this will be "eth0" for a wired network, only IPv4 is supported for wireless interfaces.

Host Networking in Ubuntu 10.04

You just need to load the "vboxnetflt" modules if it isn't loaded yet, and adjust the networking type in the VirtualBox Guest Network Settings to Attach to "Host Interface".

sudo modprobe vboxnetflt

Note: This is now available for the OSE version as well, contrary to the report regarding 8.10 below

Host Networking in Ubuntu 10.04

You just need to load the "vboxnetflt" modules if it isn't loaded yet.

sudo modprobe vboxnetflt

Note: This does not work by default with virtualbox-ose, as the vboxnetflt module doesn't seem to be included in the package. Fix unknown.

Host Networking in Ubuntu 10.04 and older

To configure Host Networking you need to configure network bridging, you basically go through four steps on the host machine:

install necessary packages

declare bridge and real network interface you add to it

declare virtual interfaces

set permissions on /dev/net/tun

Install necessary packages

First you need to install bridge-utils to be able to create network bridges:

$ sudo apt-get install bridge-utils

Declare bridge

Before you begin, back up the current interfaces file with a copy that has the current date in its name:

Replace 192.168.0.100 with your IP, 255.255.255.0 with your netmask and 192.168.0.1 with your gateway. If you are using static IP addresses for eth0, eth1, etc; you will need to configure the br0 interface using the same settings! Otherwise your system will request an IP address via DHCP. You may add as many vbox# interfaces as you wish as long as they are also declared in /etc/vbox/interfaces; keep reading for details.

You need to restart networking for the changes to take effect:

$ sudo /etc/init.d/networking restart

You can ignore the messages complaining about the "vbox#" devices.

Declare virtual interfaces which will be used by VirtualBox

To declare the virtual interfaces used by VirtualBox you need to edit /etc/vbox/interfaces on the host machine:

$ sudo nano /etc/vbox/interfaces
# Each line should be of the format :
# []
vbox0 br0
vbox1 br0
...

"vbox#" is an arbitrary name. You may declare here as many virtual interfaces as you wish, as long as they have been properly declared in /etc/network/interfaces. In this specific article, we declared two vbox interfaces in /etc/network/interfaces, then finished setting them up in /etc/vbox/interfaces.

To take the modifications into account, restart the VirtualBox host networking script. If you installed VirtualBox OSE:

$ sudo /etc/init.d/virtualbox-ose restart

If you installed the pre-compiled proprietary version:

$ sudo /etc/init.d/vboxnet restart

The virtual interfaces are now created and added to the bridge.

That's it! Now the different scripts will take care of cleanly create/configure/remove bridges and virtual interfaces when you boot and shut your system down.

Set permissions on /dev/net/tun

You need to have read/write permissions on the file /dev/net/tun to be able to use the bridge, to set permissions:

This file is created with the default permissions every time the system restarts, to make the new permissions permanent you have to edit the file /etc/udev/rules.d/20-names.rules and change:

KERNEL=="tun", NAME="net/%k"

to

KERNEL=="tun", NAME="net/%k", GROUP="vboxusers", MODE="0660"

Configure networking in VirtualBox

Once you have everything ready, you can start the VirtualBox management interface on the host machine, configure the network of your virtual machine, and by selecting "host networking", enter the name of one of the virtual adapter you have configured. Start your virtual machine, it gets a network card presented, that you can set up as you wish (static IP address, DHCP) using the network configuration tools inside the virtual machine.

Wireless Networking

Setting up a normal bridged network generally doesn't work if you're bridging from a wireless card to VirtualBox. A simple script that utilises the parprouted tool will allow your VM full access to the wireless network.

You will require parprouted to do this:

sudo apt-get install parprouted

Next, using your favorite text editor, create and edit the script, for example:

sudo nano /etc/network/if-up.d/vbox_network

Then, enter the script (replacing $USER with your username (or whoever you intend to run virtualbox as)). Replace wlan0 with the name of your wireless interface. Use an available IP address on your network for tap0 (I have used 192.168.1.100 in this case):

Now your networking script is installed, the virtual interface tap0 will be available on boot for VirtualBox. Rather than reboot, let's just run the script now:

sudo /etc/network/if-up.d/vbox_network

The final thing to do is tell VirtualBox to use the new virtual device tap0. Open VirtualBox, highlight a VM and click settings. Now choose the network option and select Host Interface on the 'attached to' drop down menu. In the Interface Name text box, enter: tap0

Click ok and start your VM. The VM should now behave as though it was another physical machine on your network!!

Using DHCP in the Guest VM

It was possible to get DHCP to work on the guest virtual machine. Instructions were taken from here. Because parprouted does not relay multicast, we need to use an additional helper daemon to manage this. I tried dhcp-helper and bcrelay, and had the most success with bcrelay.

It seems that I have to start the script by hand after boot. Other than that, host networking now seems to work fine (this issue should be solved by adding the "#!/bin/sh" line just at the beginning of the script.

Cloning Pitfalls Between Different Hosts

When cloning a VirtualBox guest operating system and using it between different host computers, one common pitfall for Debian/Ubuntu guest OSes is the MAC address.

If it differs from the one set for it by the host that created it, you will likely have problems with the networking adapter eth0 not showing up and may only see the lo when typing ifconfig from the CLI.